(MIT.TechnologyReview) US government officials are preparing for a long-term threat: attackers who are collecting sensitive, encrypted data now in the hope that they’ll be able to unlock it at some point in the future.
The threat comes from quantum computers. Officials say efforts to protect the country from this long-term danger need to begin right now. Faced with this “harvest now and decrypt later” strategy, officials are trying to develop and deploy new encryption algorithms to protect secrets against an emerging class of powerful machines. That includes the Department of Homeland Security, which says it is leading a long and difficult transition to what is known as post-quantum cryptography.
“We don’t want to end up in a situation where we wake up one morning and there’s been a technological breakthrough, and then we have to do the work of three or four years within a few months—with all the additional risks associated with that,” says Tim Maurer, who advises the secretary of homeland security on cybersecurity and emerging technology.
DHS recently released a road map for the transition, beginning with a call to catalogue the most sensitive data, both inside the government and in the business world.
If it takes a long time for quantum computers to get to the point where they can solve a useful problem, “I think companies will forget the hype and implement the weakest thing that comes out of NIST until they are suddenly reminded of the problem in 30 years,” Vadim Lyubashevsky, a cryptographer at IBM who’s working on post-quantum cryptographic algorithms with NIST, told MIT Technology Review last year.
And that is exactly the scenario national security officials want to avoid.